| commit | 38edd249fa0e6b5e1e1917e6d14077467e77439c | |
| author | erg <erg@chromium.org> | |
| Tue, 28 Jul 2015 18:46:08 +0000 (28 11:46 -0700) | ||
| committer | Commit bot <commit-bot@chromium.org> | |
| Tue, 28 Jul 2015 18:46:41 +0000 (28 18:46 +0000) | ||
| tree | fa4ac9b913ef8a8827a19b38f6d278e074af6313 | treesnapshot (tar.gz zip) |
| parent | 24a5806209d95faea058684b03a2d5f42c18ecae | commitdiff |
mandoline: Enable the sandbox on clipboard and tracing.
This modifies how we bring up child processes in the mandoline
shell. When sandboxing, we must raise the sandbox before we start any
threads on Linux. So we pass the path to the binary to run on the command
line in addition to passing it through mojo, so that we can pass that
file to the seccomp sandbox's file whitelist.
This is enough to get mojo:clipboard and mojo:tracing running in a
sandbox in --enable-multiprocess mode.
BUG=492524
Review URL: https://codereview.chromium.org/1239133004
Cr-Commit-Position: refs/heads/master@{#340734}
This modifies how we bring up child processes in the mandoline
shell. When sandboxing, we must raise the sandbox before we start any
threads on Linux. So we pass the path to the binary to run on the command
line in addition to passing it through mojo, so that we can pass that
file to the seccomp sandbox's file whitelist.
This is enough to get mojo:clipboard and mojo:tracing running in a
sandbox in --enable-multiprocess mode.
BUG=492524
Review URL: https://codereview.chromium.org/1239133004
Cr-Commit-Position: refs/heads/master@{#340734}
22 files changed: